To strengthen the security of its state-of-the-art line of products, OpenAI has
launched a novel bug bounty program, inviting registered security specialists to
identify and report potential system flaws.

The program boasts attractive incentives, starting at $200 for less significant
bugs and reaching an impressive $20,000 for critical vulnerabilities.

OpenAI said its latest initiative signifies its dedication to cybersecurity as
the organization acknowledges the hazards associated with the sw

A data breach at The Kodi Foundation forum has exposed the personal info of over
400,000 users.

The non-profit organization is the developer of the Kodi media center, a free
and open-source software entertainment hub and media player.

According to a breach notice published April 8, the Kodi Team learned of
unauthorized access after a data dump of its forum user base (MyBB) was offered
for sale online.

Kodi’s post also revealed how the criminals used compromised admin credentials
to infiltrate

When many of us moved our server and application needs to the cloud, we rejoiced that we no longer had to worry about the drudgery of patching. We didn’t have to monitor servers and their Patch Tuesday deployments; it was all in Microsoft’s hands. But as often occurs with cloud deployments, a solution that means you no longer have to worry about one area can create security issues in others.  

Time and again in the handling of any cloud deployment, how we manage identity and authentication needs to be reviewed on a scheduled basis to ensure that the security of cloud assets is being handled according to the latest recommended guidance. In the worst-case scenario, the attackers find out first and don’t inform us to take action. In the best case, researchers find a flaw and work with the vendors to help us all make better security decisions — Orca Security recently pointed out just such a flaw.

To read this article in full, please click here

Since 2009, Imperva has proudly maintained offices in various countries across the Asia Pacific and Japan (APJ) region. As the company experiences momentum in this region, we continue to invest in expanding our presence to better support our valued customers, wherever they’re located in APJ.  This month, we are excited to open a larger office […]

The post New Imperva Office & Customer Experience Centre Aims to Meet the Needs of Customers In Singapore & Across Asia Pacific and Japan appeared first on Blog.

It’s the second Tuesday of the month, and Microsoft has released another set of security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks in the wild.
Seven of the 97 bugs are rated Critical and 90 are rated Important in severity. Interestingly, 45 of the shortcomings are remote code execution flaws, followed by 20

SAP fixed two critical bugs that affect the Diagnostics Agent and the BusinessObjects Business Intelligence Platform. SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. The most critical vulnerabilities are: The complete list of the notes is reported in the latest security bulletin: SAP administrators are urged to […]

The post SAP April 2023 security updates fix critical vulnerabilities appeared first on Security Affairs.

AI company OpenAI launched a bug bounty program and announced payouts of up to $20,000 for security flaws in its ChatGPT chatbot service. OpenAI launched a bug bounty program and it is offering up to $20,000 to bug hunters that will report vulnerabilities in its ChatGPT chatbot service. The company explained that ChatGPT is in […]

The post OpenAI launched a bug bounty program appeared first on Security Affairs.

Microsoft has addressed a zero-day in the Windows Common Log File System (CLFS) actively exploited in ransomware attacks. Microsoft has addressed a zero-day vulnerability, tracked as CVE-2023-28252, in the Windows Common Log File System (CLFS), which is actively exploited in ransomware attacks. Microsoft fixed the issue with the release of Patch Tuesday security updates for […]

The post Cybercrime group exploits Windows zero-day in ransomware attacks appeared first on Security Affairs.